mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Adding extra actions provided by Debian package
Do not use yet - these need cleaning git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2394 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
cf1e462278
commit
b6649720cb
11
Shorewall/action.AllowAmanda
Normal file
11
Shorewall/action.AllowAmanda
Normal file
@ -0,0 +1,11 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowAmanda
|
||||
#
|
||||
# This action accepts connections required by the Amanda backup system.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - udp amanda
|
||||
ACCEPT - - tcp 50000:50100
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowBitTorrent
Normal file
10
Shorewall/action.AllowBitTorrent
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowBitTorrent
|
||||
#
|
||||
# This action accepts BitTorrent traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 6881:6889
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowCVS
Normal file
10
Shorewall/action.AllowCVS
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowCVS
|
||||
#
|
||||
# This action accepts connections required by the CVS server
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 2401
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowDistcc
Normal file
10
Shorewall/action.AllowDistcc
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowDistcc
|
||||
#
|
||||
# This action accepts connections required by the Distributed Compiler service
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 3632
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
11
Shorewall/action.AllowEdonkey
Normal file
11
Shorewall/action.AllowEdonkey
Normal file
@ -0,0 +1,11 @@
|
||||
#
|
||||
# Shorewall 2.2 /usr/share/shorewall/action.AllowEdonkey
|
||||
#
|
||||
# This action accepts Edonkey traffic
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||
# PORT PORT(S) LIMIT GROUP
|
||||
ACCEPT - - tcp 4662
|
||||
ACCEPT - - udp 4665
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
11
Shorewall/action.AllowGnutella
Normal file
11
Shorewall/action.AllowGnutella
Normal file
@ -0,0 +1,11 @@
|
||||
#
|
||||
# Shorewall 2.2 /usr/share/shorewall/action.AllowGnutella
|
||||
#
|
||||
# This action accepts gnutella traffic
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||
# PORT PORT(S) LIMIT GROUP
|
||||
ACCEPT - - tcp 6346
|
||||
ACCEPT - - udp 6346
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowICQ
Normal file
10
Shorewall/action.AllowICQ
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowICQ
|
||||
#
|
||||
# This action accepts ICQ traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 5190
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowLDAP
Normal file
10
Shorewall/action.AllowLDAP
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowLDAP
|
||||
#
|
||||
# This action accepts LDAP traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp ldap
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowMySQL
Normal file
10
Shorewall/action.AllowMySQL
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowMySQL
|
||||
#
|
||||
# This action accepts connections required by the MySQL server
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 3306
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowPostgreSQL
Normal file
10
Shorewall/action.AllowPostgreSQL
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowPostgreSQL
|
||||
#
|
||||
# This action accepts connections required by the PostgreSQL server
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 5432
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowRsync
Normal file
10
Shorewall/action.AllowRsync
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowRsync
|
||||
#
|
||||
# This action accepts connections required by the Rsync server
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp rsync
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowSMBswat
Normal file
10
Shorewall/action.AllowSMBswat
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowSMBswat
|
||||
#
|
||||
# This action accepts connections required by the Amanda backup system.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 901
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowSPAMD
Normal file
10
Shorewall/action.AllowSPAMD
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowSPAMD
|
||||
#
|
||||
# This action accepts SPAMD traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||
# PORT PORT(S) LIMIT GROUP
|
||||
ACCEPT - - tcp 783
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowSVN
Normal file
10
Shorewall/action.AllowSVN
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowSVN
|
||||
#
|
||||
# This action accepts connections required by the Subversion server
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - tcp 3690
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.AllowSyslog
Normal file
10
Shorewall/action.AllowSyslog
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.AllowSyslog
|
||||
#
|
||||
# This action accepts syslog UDP traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
ACCEPT - - udp syslog
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
12
Shorewall/action.DropEdonkey
Normal file
12
Shorewall/action.DropEdonkey
Normal file
@ -0,0 +1,12 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.DropEdonkey
|
||||
#
|
||||
# This action silently drops Edonkey Traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
# PORT PORT(S) LIMIT GROUP
|
||||
DROP - - tcp 4662
|
||||
DROP - - udp 4665
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
11
Shorewall/action.DropGnutella
Normal file
11
Shorewall/action.DropGnutella
Normal file
@ -0,0 +1,11 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.DropGnutella
|
||||
#
|
||||
# This action silently drops Gnutella traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
DROP - - tcp 6346
|
||||
DROP - - udp 6346
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
10
Shorewall/action.DropSMTP
Normal file
10
Shorewall/action.DropSMTP
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall 2.0 /etc/shorewall/action.DropSMTP
|
||||
#
|
||||
# This action silently drops SMTP traffic.
|
||||
#
|
||||
######################################################################################
|
||||
#TARGET SOURCE DEST PROTO DEST SOURCE RATE
|
||||
# PORT PORT(S) LIMIT
|
||||
DROP - - tcp smtp
|
||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
@ -27,6 +27,8 @@ DropUPnP #Silently Drop UPnP Probes
|
||||
RejectAuth #Silently Reject Auth
|
||||
DropPing #Silently Drop Ping
|
||||
DropDNSrep #Silently Drop DNS Replies
|
||||
DropEdonkey # silently drop edonkey traffic
|
||||
DropGnutella # silently drop gnutella traffic
|
||||
|
||||
AllowPing #Accept Ping
|
||||
AllowFTP #Accept FTP
|
||||
@ -50,6 +52,24 @@ AllowTrcrt #Allows Traceroute (20 hops)
|
||||
AllowSNMP #Allows SNMP (including traps)
|
||||
AllowPCA #Allows PCAnywhere (tm)
|
||||
|
||||
# Added in Debian Packaging
|
||||
AllowSPAMD #Allows SpamAssassin daemon
|
||||
AllowSyslog #Allows syslog udp traffic
|
||||
AllowAmanda # Allow connections required by the Amanda backup system
|
||||
AllowLDAP # accepts LDAP traffic
|
||||
AllowICQ # Accepts ICQ traffic
|
||||
AllowBitTorrent # Accepts BitTorrent traffic
|
||||
AllowSMBswat # Allows Samba Swat
|
||||
DropSMTP # silently drops SMTP traffic
|
||||
AllowCVS # accept cvs pserver traffic
|
||||
AllowSVN # accept Subversion traffic
|
||||
AllowMySQL # accept MySQL traffic
|
||||
AllowPostgreSQL # accept PostgreSQL traffic
|
||||
AllowRsync # accept rsync traffic
|
||||
AllowDistcc # accept Distributed Compiler traffic
|
||||
AllowEdonkey # accept edonkey traffic
|
||||
AllowGnutella # accept edonkey traffic
|
||||
|
||||
Drop:DROP #Common Action for DROP policy
|
||||
Reject:REJECT #Common Action for REJECT policy
|
||||
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
|
||||
|
Loading…
Reference in New Issue
Block a user